Feb 24, 2012

How do I force BIND9 to bind to a specific IP?


This is my setup:

$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
    inet scope global lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever

‘lo’ is magical in the sense that that line actually creates ~250 bindable addresses. Most daemons bind to these without trouble. However, this does not work in my BIND9-config:

listen-on port 53 {; };

(I’ve tried without “port 53” too). The problem is that for BIND, listen-on is like a “binding whitelist”, that it matches to all IPs it can find on all interfaces. In this case, it does not find on any interfaces, so it does not bind.

Can anyone recommend a workaround? I should point out that this is a testing setup on which I am moving things around all the time so I would prefer a solution that does not involve too many moving parts.

Asked by Habbie


After a bit of testing… Bind doesn’t appear to work the way you have observed other daemons working. I have noted 2 workarounds. The first is to add an additional address to lo to allow bind to bind to it:

ip addr add dev lo

The second is to change the address bind listens on to

Answered by Iain
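The mismatch discussed in the question and answer can be checked before restarting named. The following is an added example, not part of either post: it models listen-on as a filter over the addresses actually assigned to interfaces, as the question describes. All addresses and the `ip -o -4 addr show` sample are constructed, since the original ones are not shown on this page; `parse_ip_addr` and `check_listen_on` are hypothetical helper names.

```python
import ipaddress

# Constructed sample of `ip -o -4 addr show` output. The addresses are made up
# for this example (documentation ranges), not taken from the question.
SAMPLE_IP_OUTPUT = """\
1: lo    inet 127.0.0.1/8 scope host lo\\       valid_lft forever preferred_lft forever
1: lo    inet 192.0.2.1/24 scope global lo\\       valid_lft forever preferred_lft forever
2: eth0    inet 198.51.100.10/24 brd 198.51.100.255 scope global eth0\\       valid_lft forever preferred_lft forever
"""

def parse_ip_addr(text):
    """Return [(ifname, IPv4Interface)] parsed from `ip -o -4 addr show` output."""
    found = []
    for line in text.splitlines():
        fields = line.split()
        if "inet" in fields:
            cidr = fields[fields.index("inet") + 1]
            found.append((fields[1], ipaddress.ip_interface(cidr)))
    return found

def check_listen_on(listen_on, ifaces):
    """Classify plain listen-on addresses/prefixes (simplified model).

    A listener is only created for an address that is assigned to an
    interface AND matches listen-on. An address that merely falls inside a
    prefix configured on lo can be bound by other daemons, but it is never
    enumerated as an interface address, so nothing listens on it.
    """
    result = {}
    for entry in listen_on:
        net = ipaddress.ip_network(entry, strict=False)
        matched = [str(i.ip) for _, i in ifaces if i.ip in net]
        if matched:
            result[entry] = ("listens", matched)
        elif any(net.subnet_of(i.network) for name, i in ifaces if name == "lo"):
            result[entry] = ("bindable-on-lo-but-not-assigned", [])
        else:
            result[entry] = ("no-such-address", [])
    return result

if __name__ == "__main__":
    ifaces = parse_ip_addr(SAMPLE_IP_OUTPUT)
    for entry, (status, addrs) in check_listen_on(
            ["192.0.2.53", "192.0.2.1", "203.0.113.5"], ifaces).items():
        print(f"{entry:15} {status} {addrs}")
```

An entry reported as `bindable-on-lo-but-not-assigned` is the situation in the question; either workaround from the answer (assigning that address to lo, or listing an already assigned address in listen-on) moves it to `listens`.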
